k8s安装
2020-06-18 本文已影响0人
小火柴2019
一 准备
节点名称 | 操作系统 | 主机名 | IP | 配置 |
---|---|---|---|---|
管理节点 | CentOS-7.6 | master | 192.168.0.200 | >=2核4G |
工作节点1 | CentOS-7.6 | worker-1 | 192.168.0.201 | >=2核4G |
工作节点2 | CentOS-7.6 | worker-2 | 192.168.0.202 | >=2核4G |
- 同步时间
# Install the NTP tools and set the clock once from a public pool.
# ntpdate is a one-shot adjustment; nothing in this step keeps the clock
# synchronised afterwards.
# NOTE(review): the cluster's TLS certificates and bootstrap tokens are
# time-limited, so clock drift between nodes shows up as authentication
# failures. Consider running a time daemon on every node.
yum install -y ntp
ntpdate asia.pool.ntp.org
- 设置主机名
# Set this node's hostname; replace <your_hostname> with the name from the
# table above (master, worker-1, worker-2).
hostnamectl set-hostname <your_hostname>
# Map the new hostname to loopback so it resolves locally.
# The line is appended unconditionally, so re-running adds a duplicate entry.
echo "127.0.0.1 $(hostname)" >> /etc/hosts
- 升级源
# Bring all installed packages up to date (pulls in pending security fixes)
# before installing the container runtime.
yum update -y
二 安装docker
- 安装docker所需工具
# yum-utils provides yum-config-manager (used in the next step);
# device-mapper-persistent-data and lvm2 are installed alongside it as
# storage-driver prerequisites.
yum install -y yum-utils device-mapper-persistent-data lvm2
- 配置阿里云Docker源
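# Register the Docker CE repository from the Aliyun mirror.
# The .repo file decides which URLs and GPG keys yum will trust for every
# later docker-ce install, so it is fetched over HTTPS; over plain HTTP
# anyone on the network path could rewrite it.
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo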
- 安装docker19.03.8
# Install Docker pinned to 19.03.8 (engine and CLI).
# containerd.io is not pinned, so yum installs whatever version the repo
# currently offers.
yum install -y docker-ce-19.03.8 docker-ce-cli-19.03.8 containerd.io
- 修改docker Cgroup Driver
# Rewrite the ExecStart line of the packaged unit so dockerd runs with the
# systemd cgroup driver (--exec-opt native.cgroupdriver=systemd).
# "-H fd://" keeps the daemon on the systemd-provided socket; no TCP listener
# is added by this line.
# NOTE(review): this edits the unit under /usr/lib/systemd/system in place;
# a package update may replace that file and silently drop the change.
sed -i "s#^ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd#g" /usr/lib/systemd/system/docker.service
- 设置开机启动并启动
# Start Docker at boot, then start it now (the start runs only if enable
# succeeded).
systemctl enable docker && systemctl start docker
- 配置docker加速
# Open the Docker daemon configuration in an editor; the JSON that follows is
# the content to save in the file.
# A registry mirror answers image pulls on behalf of Docker Hub, so it is part
# of the image trust path; the URL below uses https.
vi /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"]
}
- 重新加载配置并重启docker
# Re-read unit files (picks up the edited docker.service), then restart Docker
# so the new ExecStart line and daemon.json take effect.
systemctl daemon-reload
systemctl restart docker
- 安装nfs-utils
# Install the NFS client tools on the node.
yum install -y nfs-utils
- 关闭防火墙
# Stop firewalld now and keep it off across reboots.
# NOTE(review): with the host firewall off, every port the node listens on
# (the API server port 6443 used below, plus kubelet, etcd and NodePort
# services) is reachable from any network the host is attached to. On anything
# other than an isolated lab network, keep firewalld running and allow only the
# ports Kubernetes and the CNI plugin document as required.
systemctl stop firewalld && systemctl disable firewalld
- 关闭Selinux
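# Put SELinux into permissive mode now and persist that across reboots.
# Permissive (rather than disabled) is what the upstream kubeadm install guide
# uses: policy is no longer enforced, which is what containers need to reach
# the host filesystem here, but files keep their labels and would-be denials
# are still written to the audit log. SELINUX=disabled turns the subsystem off
# entirely and needs a full relabel before it can be enforced again.
setenforce 0
# Anchored so only the exact "SELINUX=enforcing" setting line is rewritten.
sed -i "s/^SELINUX=enforcing$/SELINUX=permissive/" /etc/selinux/config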
- 关闭swap
# Turn swap off for the running system.
swapoff -a
# Keep a copy of the current fstab; "command" bypasses an interactive
# "cp -i" alias so an existing backup is overwritten without a prompt.
command cp /etc/fstab /etc/fstab_bak
# Rebuild fstab from the backup without any line that mentions swap, so swap
# stays off after a reboot.
grep -v swap /etc/fstab_bak > /etc/fstab
- 修改 /etc/sysctl.conf
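# Make sure each kernel parameter below is set exactly once in
# /etc/sysctl.conf, then load the file.
# An existing "key = value" line is rewritten in place; a missing key is
# appended. Appending unconditionally after the sed would add a second copy of
# every key each time the step is re-run. The pattern requires "=" after the
# key so a longer key that merely starts with the same text is left alone.
#
# net.ipv4.ip_forward=1 makes the host route packets between interfaces, which
# pod networking needs; this page also stops firewalld, so forwarded traffic
# is not filtered by the host firewall.
# NOTE(review): the net.bridge.* keys exist only while the br_netfilter kernel
# module is loaded; confirm it is, otherwise sysctl -p reports them as missing.
while read -r key value; do
  if grep -q "^${key}[[:space:]]*=" /etc/sysctl.conf; then
    sed -i "s#^${key}[[:space:]]*=.*#${key} = ${value}#" /etc/sysctl.conf
  else
    echo "${key} = ${value}" >> /etc/sysctl.conf
  fi
done <<'EOF'
net.ipv4.ip_forward 1
net.bridge.bridge-nf-call-ip6tables 1
net.bridge.bridge-nf-call-iptables 1
net.ipv6.conf.all.disable_ipv6 1
net.ipv6.conf.default.disable_ipv6 1
net.ipv6.conf.lo.disable_ipv6 1
net.ipv6.conf.all.forwarding 1
EOF
# Apply the settings to the running kernel.
sysctl -p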
三 安装必要工具
- 配置K8S的yum源
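# Write the yum repository definition for the Kubernetes packages.
# kubelet, kubeadm and kubectl are installed and run as root, so the packages
# must be authenticated: the mirror is reached over HTTPS and gpgcheck=1 makes
# yum verify every RPM signature against the keys listed in gpgkey. With
# gpgcheck=0 over plain HTTP, anything on the network path could substitute
# the packages.
# repo_gpgcheck stays at 0 as on the page, so repository metadata is not
# signature-checked; set it to 1 if the mirror's metadata signature verifies.
# The delimiter is quoted so the shell expands nothing inside the file, and
# the second key URL is indented so yum reads it as a continuation of gpgkey.
cat <<'EOF' > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF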
- 安装kubeadm 1.18.3
# Install kubelet, kubeadm and kubectl, all pinned to 1.18.3 so every node
# runs the same version.
yum install -y kubelet-1.18.3 kubeadm-1.18.3 kubectl-1.18.3
# Enable kubelet at boot and start it. Until "kubeadm init" or "kubeadm join"
# has written its configuration, kubelet restarts in a loop; that is expected.
systemctl enable kubelet && systemctl start kubelet
四 初始化master节点
- 配置hosts
# Address of the control-plane node and the DNS name clients will use for the
# API server; both are exported because later steps on this page read them.
export MASTER_IP=192.168.0.200
export APISERVER_NAME=api.server.com
# Resolve the API server name locally through /etc/hosts.
# Appended unconditionally: re-running adds a duplicate line.
# NOTE(review): whoever controls this mapping decides which host the node
# treats as the API server, so keep /etc/hosts writable by root only.
echo "${MASTER_IP} ${APISERVER_NAME}" >> /etc/hosts
- 配置kubeadm-config.yaml
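# Generate the kubeadm ClusterConfiguration in the current directory.
# The heredoc delimiter is deliberately unquoted: ${APISERVER_NAME} and
# ${POD_SUBNET} are expanded at the moment the file is written.
# POD_SUBNET is not set anywhere earlier on this page, so without the guard
# below the file would be written with an empty podSubnet. Export a CIDR that
# overlaps neither serviceSubnet nor the node addresses (192.168.0.x here) and
# that agrees with the address pool in the CNI manifest applied later.
: "${APISERVER_NAME:?export APISERVER_NAME before generating the config}"
: "${POD_SUBNET:?export POD_SUBNET (the pod network CIDR) before generating the config}"
# The keys under "networking" must be indented to be part of that mapping.
cat <<EOF > ./kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v1.18.3
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
controlPlaneEndpoint: "${APISERVER_NAME}:6443"
networking:
  serviceSubnet: "10.96.0.0/16"
  podSubnet: "${POD_SUBNET}"
  dnsDomain: "cluster.local"
EOF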
- 初始化
# Initialise the control plane from the generated configuration.
# --upload-certs stores the control-plane certificates, encrypted, in a Secret
# in the cluster so further masters can fetch them when they join.
# The command output includes a bootstrap token and the certificate key that
# decrypts that Secret; treat both as credentials and keep them out of shared
# logs, tickets and screenshots.
kubeadm init --config=kubeadm-config.yaml --upload-certs
- 配置 kubectl
# Give root a kubectl configuration.
# mkdir fails if the directory already exists (no -p).
mkdir /root/.kube/
# admin.conf carries the cluster-admin client certificate and key; -i prompts
# before overwriting an existing config. Keep the copy readable by root only.
cp -i /etc/kubernetes/admin.conf /root/.kube/config
- 安装 calico 网络插件
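# Download the Calico manifest and install it as the pod network.
# NOTE(review): the URL points into what appears to be a personal repository,
# not the Calico project's own release location, and no checksum is given.
# The manifest creates cluster-wide RBAC objects and a DaemonSet that runs on
# every node, so read the downloaded file (or compare it with the upstream
# 3.13.1 release) before applying it.
# NOTE(review): a ".../blob/..." path on a code-hosting site usually serves the
# HTML file viewer rather than the raw file; confirm what wget saved is YAML.
wget https://gitee.com/the_little_match/file/blob/master/calico-3.13.1.yaml
# Parse the file client-side first; an HTML page or a truncated download fails
# here and nothing is sent to the cluster.
kubectl apply --dry-run=client -f calico-3.13.1.yaml \
  && kubectl apply -f calico-3.13.1.yaml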
- 检查 master 初始化结果
# Re-run the kube-system pod listing periodically until the pods settle
# (leave with Ctrl-C).
watch kubectl get pod -n kube-system -o wide
# List the nodes with their addresses and versions.
kubectl get nodes -o wide
五 初始化worker节点
- 获得 join命令
# Create a new bootstrap token and print the full "kubeadm join" command.
# The token lets a machine register as a node until it expires, so pass the
# printed command to the new node over a trusted channel only.
kubeadm token create --print-join-command
- 初始化worker
# Run on the worker: make the API server name resolve to the master.
export MASTER_IP=192.168.0.200
export APISERVER_NAME=api.server.com
# Appended unconditionally: re-running adds a duplicate line.
echo "${MASTER_IP} ${APISERVER_NAME}" >> /etc/hosts
# Join the cluster. The token and hash below come from the author's cluster;
# use the command printed by "kubeadm token create --print-join-command" on
# your own master instead.
# Keep --discovery-token-ca-cert-hash: it pins the cluster CA, so the worker
# refuses an API server that presents a different CA.
kubeadm join api.server.com:6443 --token mpfjma.4vjjg8flqihor4vt --discovery-token-ca-cert-hash sha256:6f7a8e40a810323672de5eee6f4d19aa2dbdb38411845a1bf5dd63485c43d303
六 检查结果
- 检查初始化结果
# List all nodes to confirm the workers have registered.
kubectl get nodes -o wide
七 安装 Ingress Controller
- 在 master 节点上执行
# Apply the ingress controller manifest straight from a URL.
# NOTE(review): the content is sent to the cluster with admin credentials
# without being saved locally, so nothing can be inspected first. Download the
# file, read it, then apply the local copy. The URL appears to point into a
# personal repository rather than the ingress project's release location.
# NOTE(review): a ".../blob/..." path usually serves the HTML file viewer
# rather than the raw manifest; confirm the URL returns YAML.
kubectl apply -f https://gitee.com/the_little_match/file/blob/master/nginx-ingress.yaml
- 验证配置
在浏览器访问 192.168.0.201,将得到 404 NotFound 错误页面
八 加入其他master
- 在 主master 节点上执行
# Print a fresh join command (bootstrap token plus CA hash).
kubeadm token create --print-join-command
# Re-upload the control-plane certificates and print a new certificate key.
# That key decrypts the uploaded certificates, which include the cluster's CA
# private keys: treat it as a secret and give it only to the machine that is
# about to join as a master.
kubeadm init phase upload-certs --upload-certs
- 获取加入master命令
# Join as an additional control-plane node (--control-plane).
# The token, CA hash and certificate key below come from the author's cluster;
# build your own command from the output of the two commands in the previous
# step, and do not publish or log the resulting command line.
kubeadm join api.server.com:6443 --token b16enw.f7sks7hujc3jfn89 --discovery-token-ca-cert-hash sha256:5fe6505ffaad9d3eecd47acf7f3e80b4ef02f5f5c3c3385edec6c81a78f6efb8 --control-plane --certificate-key 5e045e04c03cfb09b0babc3f86529edc9db134a5cdac08bc22ec6acebd8a3b09
九 加入其他worker
- 在 主master 节点上执行
# Create a new bootstrap token and print the matching join command.
# Each call creates another valid token; "kubeadm token list" shows the ones
# still active and "kubeadm token delete" revokes those no longer needed.
kubeadm token create --print-join-command
- 获取加入worker命令
# Join as a worker. The token and hash are from the author's cluster; use the
# command printed on your own master. The CA hash pins the cluster CA, so keep
# it in the command.
kubeadm join api.server.com:6443 --token b16enw.f7sks7hujc3jfn89 --discovery-token-ca-cert-hash sha256:5fe6505ffaad9d3eecd47acf7f3e80b4ef02f5f5c3c3385edec6c81a78f6efb8